Citi Group Wealth Digital & Partnership - Lead ISO SVP C14 

United States, Florida, Jacksonville 

208391506

Responsibilities

• Work directly with business, functions and technology units and relevant stakeholders to facilitate/ perform Citi’s IS risk assessment and risk management processes in order to protect information assets
• Work with business and technology management to drive the information security program and information risk management activities
• Work with the internal Applications Development function to drive the development of strategies and plans for improving both architecture and application security
• Provide strategic risk guidance for business and technology projects, including the evaluation and recommendation of security controls and corrective actions to mitigate or remediate risks
• Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data and the company's reputation
• Conduct and facilitate security reviews and table-top/red-team/scenario analysis exercises in conjunction with other Subject Matter Experts by monitoring changes in the risk profile and exposure for the application
• Define secure configurations leveraging technical knowledge and problem solving skills in the network, database, API, Mobile and Web technology areas in accordance with the secure process and develop functional specifications and documentation
• Assist with responsibilities over the technical strategy for an area, technical integrity of process, operations, and associated results
• Participate in the evaluation and selection of applications and systems with specific focus on IS implications
• Participate/provide, as required, IS awareness training programs for employees, contractors and approved system users.
• Facilitate compliance with all Information Security policies, standards and regulations / directives as mandated by Global CISO Organization
• Provide oversight of Information Security Assessments across applications, infrastructure and business process. Ensure non-compliant items are resolved through coordination with Business Manager and business staff

Qualifications

• 10+ years' experience involvement around software development with at least 4+ years' experience in Cybersecurity and Information Security risk and mitigation
• Firm understanding of Information Security domains like Identity access management (IAM), Cryptography, Data protection, Vulnerability Assessment, AuditLogging/Monitoring, etc.
• Strong working knowledge of software development processes and methodologies (SLDC, Agile, Iterative, DevOps, CICD, etc.)
• Demonstrated ability to take ownership and follow up on issues
• Demonstrated ability to work in a team and to work well under pressure
• Advanced analytical and problem solving skills
• Consistently demonstrates clear and concise written and verbal communication
• Proficient in interpreting and applying policies, standards and procedures
• Demonstrated ability to remain unbiased in a diverse working environment
• Ability to manage multiple activities and changing priorities
• Ability to work under pressure and meet tight deadlines
• Self-starter with ability to take the initiative and master new tasks quickly
• Experience working with SaaS and/or Public Cloud is a plus

Education

• Bachelor’s degree/University degree or equivalent experience
• Master’s degree preferred
• Technical certifications preferred e.g., CISSP, or any public Cloud related certifications (AWS, GCP, Azure/M365)

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

Anticipated Posting Close Date: